Archive

Category Archives for "Networking"

Flow-based monitoring for Magic Transit

Flow-based monitoring for Magic Transit
Flow-based monitoring for Magic Transit

Network-layer DDoS attacks are on the rise, prompting security teams to rethink their L3 DDoS mitigation strategies to prevent business impact. Magic Transit protects customers’ entire networks from DDoS attacks by placing our network in front of theirs, either always on or on demand. Today, we’re announcing new functionality to improve the experience for on-demand Magic Transit customers: flow-based monitoring. Flow-based monitoring allows us to detect threats and notify customers when they’re under attack so they can activate Magic Transit for protection.

Magic Transit is Cloudflare’s solution to secure and accelerate your network at the IP layer. With Magic Transit, you get DDoS protection, traffic acceleration, and other network functions delivered as a service from every Cloudflare data center. With Cloudflare’s global network (59 Tbps capacity across 200+ cities) and <3sec time to mitigate at the edge, you’re covered from even the largest and most sophisticated attacks without compromising performance. Learn more about Magic Transit here.

Using Magic Transit on demand

With Magic Transit, Cloudflare advertises customers’ IP prefixes to the Internet with BGP in order to attract traffic to our network for DDoS protection. Customers can choose to use Magic Transit always on or on demand. With always Continue reading

Building Snowflakes On Purpose

We all know that building snowflake networks is bad, right? If it’s not a repeatable process it’s going to end up being a problem down the road. If we can’t refer back to documentation to shows why we did something we’re going to end up causing issues and reducing reliability. But what happens when a snowflake process is required to fix a bigger problem? It’s a fun story that highlights where process can break down sometimes.

Reloaded

I’ve mentioned before that I spent about six months doing telephone tech support for Gateway computers. This was back in 2003 so Windows XP was the hottest operating system out there. The nature of support means that you’re going to be spending more time working on older things. In my case this was Windows 95 and 98. Windows 98 was a pain but it was easy to work on.

One of the most common processes we had for Windows 98 was a system reload. It was the last line of defense to fix massive issues or remove viruses. It was something that was second nature to any of the technicians on the help desk:

  1. Boot from the Gateway tools CD and use GWSCAN Continue reading

Video: High-Level Technology Guidelines

I concluded the Focus on Business Challenges First presentation (part of Business Aspects of Networking Technologies webinar) with a few technology guidelines starting with:

  • Be vendor-agnostic (always look around to see what others are doing);
  • Try to understand how the technology you’re evaluating really works (it will help you spot the potential problems before they crash your network);
  • Always select what’s best for your business, not for the sales quota of your friendly $vendor account manager.

For more guidelines, watch the video (available with Free ipSpace.net Subscription).

Creating serendipity with Python

Creating serendipity with Python

We've been experimenting with breaking up employees into random groups (of size 4) and setting up video hangouts between them. We're doing this to replace the serendipitous meetings that sometimes occur around coffee machines, in lunch lines or while waiting for the printer. And also, we just want people to get to know each other.

Which lead to me writing some code. The core of which is divide n elements into groups of at least size g minimizing the size of each group. So, suppose an office has 15 employees in it then it would be divided into three groups of sizes 5, 5, 5; if an office had 16 employees it would be 4, 4, 4, 4; if it had 17 employees it would be 4, 4, 4, 5 and so on.

I initially wrote the following code (in Python):

    groups = [g] * (n//g)

    for e in range(0, n % g):
        groups[e % len(groups)] += 1

The first line creates n//g (// is integer division) entries of size g (for example, if g == 4 and n == 17 then groups == [4, 4, 4, 4]). The for loop deals with the 'left over' parts that Continue reading

Does Unequal-Cost Multipathing Make Sense?

Every now and then I’m getting questions along the lines “why doesn’t X support unequal-cost multipathing (UCMP)?” for X in [ OSPF, BGP, IS-IS ].

To set the record straight: BGP does support some rudimentary form of unequal-cost multipathing with the DMZ Bandwidth community, but it only works across multiple egress points from a single autonomous system. Follow-up nerd knobs described how to use the same community over EBGP sessions; not sure whether anyone implemented that part (comments welcome).

DeepLearning – Intro Fun

I am enjoying insights into deep learning and computer vision and how machine learning is applied on images. While Deep Learning and Nueral networks are subjects for experts in field, I wanted simply to be an end user to do some experiments on my dog and nothing more. I have to mention that I had internal resources to get training on image augmentation techniques, DLL Nueral network frameworks pretrained to be used readily but am still trying to find some way into what this technology is all about and how to implement in my AWS Deeplens.

https://pytorch.org/assets/deep-learning/Deep-Learning-with-PyTorch.pdf

This is a good book to get introduced into pytorch and deep learning terminology. There is a very interesting examples of doing image manipulation of a horse to zebra, and how you can transfer that learning to anything.

Below is how I used on my Dog and results, I had fun starting this and hope you will have fun too, you dont need any great programming or math to just access some of the Neural networks and do some analysis

Normal Image

I wrote this post to let anyone interested to know that I dint had to write any complicated coding Continue reading

Cisco issues 3 critical warnings around ACI, NS-OX security holes

Cisco has issued three security advisories rated “critical” for some of its high-end software systems—two aimed at its Application Services Engine (ASE) implementation and one at the NX-OS operating system.The most concerning warning came for Cisco Application Centric Infrastructure (ACI) Multi-Site Orchestrator (MSO) installed with the ASE which was rated a worse-case scenario, 10 out of a possible 10 on the Common Vulnerability Scoring System (CVSS).  The ACI Multi-Site Orchestrator lets customers control application-access policies across Cisco Application Policy Infrastructure Controller-based fabrics.To read this article in full, please click here

Cisco issues 3 critical warnings around ACI, NS-OX security holes

Cisco has issued three security advisories rated “critical” for some of its high-end software systems—two aimed at its Application Services Engine (ASE) implementation and one at the NX-OS operating system.The most concerning warning came for Cisco Application Centric Infrastructure (ACI) Multi-Site Orchestrator (MSO) installed with the ASE which was rated a worse-case scenario, 10 out of a possible 10 on the Common Vulnerability Scoring System (CVSS).  The ACI Multi-Site Orchestrator lets customers control application-access policies across Cisco Application Policy Infrastructure Controller-based fabrics.To read this article in full, please click here

Tech Bytes: Monitoring Remote Access VPN Performance With ThousandEyes (Sponsored)

On today's Tech Bytes podcast, we talk with sponsor ThousandEyes about monitoring remote access VPNs to get a clearer picture of connectivity and performance issues and to speed troubleshooting. Our guest is Alex Cruz Farmer, Principal Product Manager at ThousandEyes.

The post Tech Bytes: Monitoring Remote Access VPN Performance With ThousandEyes (Sponsored) appeared first on Packet Pushers.

The Hedge #72: Lisa Caywood and Marketectures

The open source world is not much different than the commercial world in terms of building marketectures rather than useable software—largely because open source projects still rely on sources of funding and material support to build and maintain a product. Many times, however, the focus on these marketectures get in the way of real work. Join Tom Ammon, Russ White, and Lisa Caywood as we discuss the problem of marketectures and the broader world of open source software.

download

1 2 3 2,728